[jboss-jira] [JBoss JIRA] (WFCORE-2505) Key store exported from legacy security domain does not work Elytron filtering-key-store

Ondrej Kotek (JIRA) issues at jboss.org
Wed Mar 8 07:08:00 EST 2017 

     [ https://issues.jboss.org/browse/WFCORE-2505?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ondrej Kotek updated WFCORE-2505:
---------------------------------
    Steps to Reproduce: 
# {{/subsystem=security/security-domain=cert-roles-domain:add}}
# {noformat}/subsystem=security/security-domain=cert-roles-domain/jsse=classic:add(truststore={password=secret, url="/path/to/server.truststore.jks"}, keystore={password=secret, url="/path/to/server.keystore.jks"}, client-auth=true){noformat}
# {{/subsystem=security/elytron-key-store=eks:add(legacy-jsse-config=cert-roles-domain)}}
# {{/subsystem=elytron/filtering-key-store=fks:add(alias-filter=ALL,key-store=eks)}}

  was:
# {{/subsystem=security/security-domain=cert-roles-domain:add}}
# {{/subsystem=security/security-domain=cert-roles-domain/jsse=classic:add(truststore={password=secret, url="/path/to/server.truststore.jks"}, keystore={password=secret, url="/path/to/server.keystore.jks"}, client-auth=true)}}
# {{/subsystem=security/elytron-key-store=eks:add(legacy-jsse-config=cert-roles-domain)}}
# {{/subsystem=elytron/filtering-key-store=fks:add(alias-filter=ALL,key-store=eks)}}



> Key store exported from legacy security domain does not work Elytron filtering-key-store
> ----------------------------------------------------------------------------------------
>
>                 Key: WFCORE-2505
>                 URL: https://issues.jboss.org/browse/WFCORE-2505
>             Project: WildFly Core
>          Issue Type: Bug
>          Components: Security
>    Affects Versions: 3.0.0.Beta6
>            Reporter: Ondrej Kotek
>            Priority: Critical
>
> It is not possible to use a key store exported from legacy security domain (i.e. {{elytron-key-store}}) in Elytron {{filtering-key-store}}. It results in:
> {noformat}
> {
>     "outcome" => "failed",
>     "failure-description" => {
>         "WFLYCTL0080: Failed services" => {"org.wildfly.security.key-store.fks" => "org.jboss.msc.service.StartException in service org.wildfly.security.key-store.fks: java.lang.ClassCastException: org.jboss.as.security.elytron.BasicService cannot be cast to org.wildfly.extension.elytron.ModifiableKeyStoreService
>     Caused by: java.lang.ClassCastException: org.jboss.as.security.elytron.BasicService cannot be cast to org.wildfly.extension.elytron.ModifiableKeyStoreService"},
>         "WFLYCTL0412: Required services that are not installed:" => ["org.wildfly.security.key-store.fks"]
>     },
>     "rolled-back" => true
> }
> {noformat}
> The exported key store is announced as {{org.wildfly.security.key-store}} capability. Hence it is expected to work wherever the capability is requested.
> The same applies to {{elytron-trust-store}}.



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list